Abstract
SPHINCS+ is a stateless hash-based digital signature scheme. In November 2022, the National Institute of Standards and Technology (NIST) announced that SPHINCS+ will be standardized, and discussion of the concrete parameter selection has since begun. The security of SPHINCS+ relies solely on a variant of the (second) pre-image resistance of the underlying hash functions. Hash-based signature schemes are believed to be the most conservative signature designs with respect to security. At the Fourth PQC Standardization Conference, Dustin Moody from the NIST PQC team stated in the report "NIST PQC: Looking into the future" that SPHINCS+ was selected for its solid security and because it is based on a different set of assumptions from lattices. This paper instantiates the SPHINCS+ framework with the hash function SM3, provides two sets of parameters fulfilling the level-1 security specified in the NIST PQC call for proposals (NIST PQC CFP), and presents the results of preliminary performance tests.
Authors
孙思维
刘田雨
关志
何逸飞
胡磊
荆继武
张立廷
闫海伦
SUN Si-Wei; LIU Tian-Yu; GUAN Zhi; HE Yi-Fei; HU Lei; JING Ji-Wu; ZHANG Li-Ting; YAN Hai-Lun (School of Cryptology, University of Chinese Academy of Sciences, Beijing 100049, China; State Key Laboratory of Cryptology, Beijing 100878, China; National Engineering Research Center for Software Engineering, Peking University, Beijing 100871, China; School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China; CETC Cyberspace Security Technology Co. Ltd., Beijing 100070, China)
Source
Journal of Cryptologic Research (《密码学报》)
CSCD
2023, No. 6, pp. 1266-1278 (13 pages)
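Funding
National Key R&D Program of China (2022YFB2701900)
National Natural Science Foundation of China (62032014, 62202444)
Fundamental Research Funds for the Central Universities.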